package com.example.shiro.config;

import com.example.shiro.session.EhCacheSessionDAO;
import com.example.shiro.session.TokenWebSessionManager;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.cache.CacheManager;
import org.apache.shiro.cache.ehcache.EhCacheManager;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.session.mgt.SessionFactory;
import org.apache.shiro.session.mgt.SessionManager;
import org.apache.shiro.session.mgt.eis.SessionDAO;
import org.apache.shiro.spring.web.config.DefaultShiroFilterChainDefinition;
import org.apache.shiro.spring.web.config.ShiroFilterChainDefinition;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.web.servlet.Cookie;
import org.apache.tomcat.util.http.Rfc6265CookieProcessor;
import org.apache.tomcat.util.http.SameSiteCookies;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.boot.web.embedded.tomcat.TomcatContextCustomizer;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.env.Environment;

@Configuration
@ConditionalOnProperty(prefix = "shiro",name = "model",matchIfMissing = true,havingValue = "session")
public class ShiroConfig {


    @Bean
    public Realm defaultRealm(){
        return new AuthorizingRealm() {
            @Override
            protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
                SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
                authorizationInfo.addStringPermission("*");
                return authorizationInfo;
            }

            @Override
            protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
                return new SimpleAuthenticationInfo("admin","123456",this.getClass().getName());
            }
        };
    }






    @Bean
    public ShiroFilterChainDefinition shiroFilterChainDefinition(){
        DefaultShiroFilterChainDefinition shiroFilterChainDefinition = new DefaultShiroFilterChainDefinition();
        shiroFilterChainDefinition.addPathDefinition("/login","anon");
        shiroFilterChainDefinition.addPathDefinition("/shiro/**","anon");
        shiroFilterChainDefinition.addPathDefinition("/**","user");

        return shiroFilterChainDefinition;
    }

    @Bean
    public TomcatContextCustomizer sameSiteCookiesConfig() {
        return context -> {
            final Rfc6265CookieProcessor cookieProcessor = new Rfc6265CookieProcessor();
            // 设置Cookie的SameSite
            cookieProcessor.setSameSiteCookies(SameSiteCookies.NONE.getValue());
            context.setCookieProcessor(cookieProcessor);
        };
    }



    @Bean
    public SessionManager sessionManager(SessionDAO sessionDAO
            , Environment environment, SessionFactory sessionFactory, Cookie sessionCookieTemplate){
        TokenWebSessionManager webSessionManager = new TokenWebSessionManager();
        webSessionManager.setSessionIdCookieEnabled(environment.getProperty(
                "shiro.sessionManager.sessionIdCookieEnabled",boolean.class,false));
        webSessionManager.setSessionIdUrlRewritingEnabled(environment.getProperty(
                "shiro.sessionManager.sessionIdUrlRewritingEnabled",boolean.class,false));
        webSessionManager.setSessionIdCookie(sessionCookieTemplate);

        webSessionManager.setSessionFactory(sessionFactory);
        webSessionManager.setSessionDAO(sessionDAO);
        webSessionManager.setDeleteInvalidSessions(environment.getProperty(
                "shiro.sessionManager.deleteInvalidSessions",boolean.class,true));

        return webSessionManager;
    }

    @Bean
    public CacheManager cacheManager(){
        return new EhCacheManager();
    }

    @Bean
    public SessionDAO sessionDAO(){
        return new EhCacheSessionDAO();
    }



}
